ModSecurity

ModSecurity is an efficient firewall for Apache web servers that's employed to stop attacks toward web applications. It monitors the HTTP traffic to a particular website in real time and stops any intrusion attempts the instant it discovers them. The firewall uses a set of rules to do that - for example, attempting to log in to a script admin area unsuccessfully many times triggers one rule, sending a request to execute a certain file which could result in getting access to the Internet site triggers a different rule, and so forth. ModSecurity is one of the best firewalls out there and it will protect even scripts that are not updated often because it can prevent attackers from employing known exploits and security holes. Incredibly thorough info about every intrusion attempt is recorded and the logs the firewall keeps are considerably more detailed than the regular logs generated by the Apache server, so you can later examine them and determine if you need to take additional measures so as to enhance the security of your script-driven Internet sites.

ModSecurity in Shared Hosting

We offer ModSecurity with all shared hosting packages, so your web applications will be resistant to destructive attacks. The firewall is activated by default for all domains and subdomains, but in case you'd like, you'll be able to stop it through the respective section of your Hepsia Control Panel. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you'll find in Hepsia are extremely detailed and feature info about the nature of any attack, when it took place and from what IP, the firewall rule which was triggered, etc. We employ a range of commercial rules which are often updated, but sometimes our admins add custom rules as well in order to efficiently protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions which we offer feature ModSecurity and because the firewall is switched on by default, any website that you set up under a domain or a subdomain shall be protected straight away. An individual section in the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it shall allow you to stop and start the firewall for any website or switch on a detection mode. With the latter, ModSecurity will not take any action, but it shall still identify possible attacks and will keep all info in a log as if it were fully active. The logs could be found in the same section of the CP and they feature details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so on. The security rules which we employ on our web servers are a mix of commercial ones from a security company and custom ones created by our system administrators. As a result, we offer greater security for your web apps as we can shield them from attacks even before security corporations release updates for new threats.

ModSecurity in VPS

ModSecurity is included with all Hepsia-based virtual private servers which we offer and it will be activated automatically for every new domain or subdomain that you include on the hosting server. This way, any web app that you install shall be secured immediately without doing anything manually on your end. The firewall may be handled through the section of the CP which bears the same name. This is the place in whichyou could switch off ModSecurity or let its passive mode, so it will not take any action toward threats, but will still maintain a comprehensive log. The recorded data is available inside the same area as well and you will be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules that we employ on our servers are a combination between commercial ones we obtain from a security firm and custom ones which are added by our staff to maximize the protection of any web apps hosted on our end.

ModSecurity in Dedicated Hosting

ModSecurity is included with all dedicated servers that are set up with our Hepsia Control Panel and you won't have to do anything specific on your end to use it since it is activated by default each time you include a new domain or subdomain on your server. In the event that it disrupts any of your applications, you'll be able to stop it through the respective area of Hepsia, or you could leave it working in passive mode, so it will recognize attacks and shall still maintain a log for them, but will not stop them. You may examine the logs later to learn what you can do to improve the safety of your Internet sites as you shall find details such as where an intrusion attempt came from, what Internet site was attacked and based upon what rule ModSecurity responded, and so forth. The rules that we employ are commercial, hence they're regularly updated by a security provider, but to be on the safe side, our admins also add custom rules occasionally in order to react to any new threats they have discovered.